An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Working with Little Snitch
#35024 07/11/15 07:45 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: jaybass
artie, I have just finished printing the LS PDF (56 pages) some which don't concern me and some do seem a little formidable. You were right, I have been inundated with what to deny or allow. Apps like itunes, iphoto, and software I have purchased, are they safe to click 'forever'? One item that came up more than once,is CRSUD-swscan.apple.com which when I googled it has different opinions about allowing. I couldn't find a definitive answer. Do you have a rule of thumb regarding whether to allow or deny. There are several images in the PDF that I don't know how to access.

I've started this thread in response to jaybass's quoted (off-topic) post elsewhere.

First, remember that no LS rule is final, so if you goof, you can always undo your mistake; it's a pain, but better safe....

My basic approach, then, is to be fully aware of what belongs on my deuced Mac(hina), to question anything unfamiliar, and to avoid complicating my life, and with that in mind...

1. I allow all Apple and 3rd party apps to check for updates "Forever". (I had three different Apple items at one time.) Requests by 3rd party apps aren't always identified as update checks, but if I've selected the option in the app's preferences and the connection is to the developer's website, I'm satisfied.

2. I've gotten a bunch of requests from both Apple and 3rd party apps for UDP connections via nmblookup to port 137; they deal with LAN functionality, and I've denied them all forever. (The only app connections I allow are apparently benign ones to developers' websites.)

3. I deny "Forever" all connection requests for things I either know or think I know that I've got neither need nor desire for. (Location services, Dashboard, and the iTunes Store are examples.)

4. I'm very wary of connection requests emanating from browsers, and I automatically deny "Until Quit" all such requests. (That may be an exaggeration, but I can't imagine why at the moment.) This may be unwarranted paranoia, but I prefer that websites be complete in and of themselves, and I've often closed pages without seeing what I was looking for rather than allow connections (and either searched for a different site with the same info or passed on it).

I hope you find this helpful, and I hope others kick in with all that I've forgotten, overlooked, and gotten wrong.

(Please clarify "images that [you] don't know how access".)


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Working with Little Snitch
artie505 #35027 07/11/15 02:52 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
Good call to start this thread, Artie. It could be interesting and helpful to many of us. To that end I’d like to add a few notes to your post as discussion items. As a LS user myself, I can see why your default position would be to forever deny ‘all’ outgoing connections. But I’m sure you also realized that the more you ‘do’ on the internet, the more likely it is that you break something by blocking connections. You may not even notice missing elements on a web page due to a denied connection request, even though they may be functionality-critical. As there are web sites that literally throw tens of connection requests at you, figuring which one(s) denied is blocking the content you want/need can quickly become quite a chore (see below). Perhaps the easy way out of that quagmire would be to avoid such web sites, but that may not always be so simple.

As an aside, I vaguely remember you mentioning elsewhere in these forums that you didn’t see the need for LS v3. Here’s one: LS throws its connection requests at you very specifically, by listing the exact URL for the page you’re on. Frequently, requests made are for various pages in the same domain ( e.g., iTunes etc.), and handling those barrages can quickly become annoying. LS v3 allows you to click on the URL in the alert window and select various options to broaden the request from the specific URL to the entire domain. That cuts back on those same-domain requests quite effectively. Unfortunately, certain sites (e.g. Spotify) are so prolific with different domain requests, it’s tempting to disable LS there altogether.
Another LS v3 feature is the much improved contextual Help within the LS Configuration utility, nicely complemented with tie-ins to Notifications. This is one place where contextuality is not only appropriate, but extremely helpful. The various suggestions LS v3 makes here and there are a third major improvement over v2. But that’s just my opinion.


alternaut moderator

Moderated by  alternaut, dianne, dkmarsh 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.016s Queries: 18 (0.010s) Memory: 0.5747 MB (Peak: 0.6343 MB) Data Comp: Zlib Server Time: 2024-03-28 13:06:47 UTC
Valid HTML 5 and Valid CSS